Mailinglist Archive: opensuse (3139 mails)

Re: [SLE] tcpdump ?)

Is there a way to strip all the tcp/ip stuff off and get just the payload?
Maybe there is another sniffer that manages this task better?

What sort of filtering are you doing? I often use Ethereal, which
allows filtering on all sorts of things, including protocol and addresses

Actually tcpdump doesn't filter at all besids selecting only frames
coming from a certain ip-adress.
AFAIK tcpdump usually just shows the headers but has the options -a -s
0 to expand the output beyond the frame headers. So I get a lot more
than I want.
Suppose a payload stream of a readable text like a book. In the ASCII
output there is the text and unreadable ASCII stuff where I think it has
to be protocol headers or trailers. Sometimes they split a word in two
parts with gibberish in between.